Osama Bin Laden found hanged! Paris Hilton releases new SEX TAPE! Michael Jackson makes suicide attempt! Take a look at these pics! Is it any wonder in our celebrity-obsessed, news-driven society that some users will click on these eye-catching, but malware laden, e-mail attachments?
Malicious code writers will try all kinds of tricks to entice people into clicking. Whether it offers Hollywood gossip, pornographic movies or unreleased news images, these attachments and site links disguise the attackers' ultimate goal of installing Trojans, worms and viruses on users' systems.
"Celebrities being used to help spread viruses is not new," Carole Theriault, a security consultant at Lynnfield, Mass.-based Sophos, said in an e-mail. "There have been countless examples where viruses, particularly those that spread as infected e-mail attachments, purport to have salacious and/or compromising images of a celeb. Virus writers will use the promise of revealing something about a famous person to goad a user into opening the malicious file [or clicking on a malicious link]."
According to an analysis by Panda Software in Glendale, Calif., which coincidentally isn't too far from star-riddled Hollywood, celebrity names most frequently used in conjunction with malicious code include:
- 1. Britney Spears
- 2. Bill Gates
- 3. Jennifer Lopez
- 4. Shakira
- 5. Osama Bin Laden
- 6. Michael Jackson
- 7. Bill Clinton
- 8. Anna Kournikova
- 9. Paris Hilton
- 10. Pamela Anderson
"While the use of celebrity names as a social engineering tool has been around for a long time, its use in today's security environment may have a different importance," said Patrick Hinojosa, CTO of Panda Software. "Microsoft and computer security vendors have been working hard on closing down vulnerabilities that allow malware to run automatically without user intervention. Tricking the end user to manually run the malware is easier than retooling code to take advantage platform vulnerabilities."
Concluded Hinojosa: "I expect social engineering tactics to be with us for a long time as it's a tried and true door into otherwise protected systems."